We claim: 

1 1 . A computer program product for digitally notarizing a collection comprising a plurality of 

2 data streams, the computer program product embodied on one or more computer-usable media 

3 and comprising: 

4 computer-readable program code means for computing a hash value over each of the 

5 plurality of data streams, wherein each data stream is created by a different application processing 

6 component; 

7 computer-readable program code means for combining each hash value with a unique 
J, identifier of the application processing component which created the data stream for which the 
I hash value was computed, thereby creating a combination data block; 

IP computer-readable program code means for hashing the combination data block; 

#1 computer-readable program code means for digitally signing the hashed combination data 

block with a private cryptographic key, wherein the private cryptographic key and a public 

P cryptographic key which is cryptographically associated therewith represent a digital notary; and 

ill computer-readable program code means for providing the digitally signed hashed 

1 5 combination data block, along with the combination data block, as the digital notarization for the 

1 6 collection plurality of data streams, wherein the digital notarization cryptographically seals 

1 7 contents of the collection of data streams. 

1 2. The computer program product according to Claim 1, wherein: 
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2 the computer-readable program code means for combinitig and the computer-readable 

3 program code means for hashing operate on pairs of (hash values, identifiers), one pair for each of 

4 the plurality of data streams; 

5 the computer-readable program code means for digitally signing digitally signs each of the 

6 hashed pairs; and 

7 the computer-readable program code means for providing provides the digitally signed 

8 hashed pairs, along with the hashed pairs, as the digital notarization. 

4 3 . The computer program product according to Claim 1 , wherein: 

the computer-readable program code means for computing a hash operates periodically, 

i upon expiration of an elapsed time value, to compute a hash value over each of a plurality of 

y4 segments of each data stream; 

;L5 the computer-readable program code means for combining, the computer-readable 

li program code means for hashing, and the computer-readable program code means for digitally 
signing all operate on the periodically-computed hash vabes for each data stream; and 

8 the computer-readable program code means for providing provides the digitally signed 

9 periodically-computed hash values, along with the periodically-computed hash values, as the 

10 digital notarization; and 

1 1 further comprising computer-readable program code means for inserting an identification 

12 of a time corresponding to each of the periodically-computed hash values at appropriate locations 

1 3 within each of the data streams. 
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1 4 The computer program product according to Claim 3, wherein the computer-readable 

2 program code means for inserting uses MPEG-4 synchronization timestamping. 

1 5. The computer program product according to Claim 3, wherein authenticity and integrity 

2 of each of the segments is independently verifiable. 

1 6. The computer program product according to Claim 3, fiirther comprising: 

2 computer-readable program code means for extracting selected ones of the segments of 
1 the data streams; and 

'I computer-readable program code means for verifying integrity of the extracted selected 

M ones using the pubhc cryptographic key of the digital notary. 

1,1 7. The computer program product according to Claim 3, further comprising: 

[J computer-readable program code means for authenticating, by the digital notary, each of 

f :| the application processing components; 

4 computer-readable program code means for extracting selected ones of the segments of 

5 the data streams; and 

6 computer-readable program code means for verifying authenticity of the extracted selected 

7 ones using the public cryptographic key of the digital notary and the digital notarization. 

1 8. The computer program product according to Claim 1 , forther comprising: 
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2 computer-readable program code means for adding an additional data stream to the 

3 collection, wherein the additional data stream comprises the distal notarization. 

1 9. The computer program product according to Claim 7, wherein the identifiers serve to 

2 identify data streams from each of the authenticated application processing components. 

1 10. The computer program product according to Claim 1, fiirther comprising computer- 

2 readable program code means for authenticating each of the application processing components 
.4 using the unique identifier thereof, along with a digital signature of the unique identifier that is 

3 created using a private key of the application processing component. 

4l 11. The computer program product according to Claim 10, wherein inclusion of the unique 

:L2 identifiers within the combination data block allows concluding that each data stream in the 

5 collection was created by an authentic application processing component if operation of a 

-=3 verification process succeeds, wherein the verification process fiirther comprises: 

5 using the public cryptographic key of the digital notary to decrypt the digitally signed 

6 hashed combination data block, yielding a new version of the hashed combination data block and 

7 a new version of the combination data block; 

8 computing a new hash over the new version of the combination data block; and 

9 determining whether the new hash is identical to the new version of the hashed 
1 0 combination data block. 
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1 12. The computer program product according to Claim 1 1 , wherein successful operation of 

2 the verification process also allows concluding that the data streams in the collection have not 

3 been altered. 

1 13. A system for digitally notarizing a collection comprising a plurality of data streams, 

2 comprising: 

3 means for computing a hash value over each of the plurality of data streams, wherein each 

4 data stream is created by a different appUcation processing component; 

4 means for combining each hash value with a unique identifier of the application processing 

^ component which created the data stream for which the hash value was computed, thereby 

=p creating a combination data block; 

;l8 means for hashing the combination data block; 

;L9 means for digitally signing the hashed combination data block with a private cryptographic 

!lD key, wherein the private cryptographic key and a public cryptographic key which is 

ill cryptographically associated therewith represent a digital notary; and 

1 2 means for providing the digitally signed hashed combination data block, along with the 

1 3 combination data block, as the digital notarization for the collection of data streams, wherein the 

14 digital notarization cryptographically seals contents of the collection of data streams. 

1 14. The system according to Claim 13, wherein: 

2 the means for combining and the means for hashing operate on pairs of (hash values, 

3 identifiers), one pair for each of the plurality of data streams; 
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the means for digitally signing digitally signs each of the hashed pairs; and 
the means for providing provides the di^tally signed hashed pairs, along with the hashed 
pairs, as the digital notarization. 



1 15. The system according to Claim 1 3, wherein: 

2 the means for computing a hash operates periodically, upon expiration of an elapsed time 

3 value, to compute a hash value over each of a plurality of segments of each data stream; 

4 the means for combining, the means for hashing, and the means for digitally signing all 
4^ operate on the periodically-computed hash values for each data stream; and 

I the means for providing provides the digitally signed periodically-computed hash values, 

f along with the periodically-computed hash values, as the digital notarization; and 

=1 further comprising means for inserting an identification of a time correspondmg to each of 
the periodically-computed hash values at appropriate locations within each of the data streams. 

El 16. The system according to Claim 1 5, wherein the means for inserting uses MPEG-4 

2 synchronization timestamping. 

1 1 7. The system according to Claim 15, wherein integrity of each of the segments is 

2 independently verifiable. 

1 18. The system according to Claim 15, further comprismg; 

2 means for extracting selected ones of the segments of the data streams; and 
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3 means for verifying integrity of the extracted selected ones using the public cryptographic 

4 key of the digital notary. 

1 19. The system according to Claim 1 5, further comprising: 

2 means for authenticating, by the digital notary, each of the application processing 

3 components; 

4 means for extracting selected ones of the segments of the data streams; and 

5 means for verifying authenticity of the extracted selected ones using the public 

6 cryptographic key of the digital notary and the digital notarization. 

|. 20. The system according to Claim 13, further comprising means for adding an additional data 

"T" 

I; Stream to the collection, wherein the additional data stream comprises the digital notarization, 

ff 21 . The system according to Claim 19, wherein the identifiers serve to identify data streams 

^ from each of the authenticated application processing components. 

1 22, The system according to Claim 13, further comprising means for authenticating each of 

2 the appUcation processing components using the unique identifier thereof, along with a digital 

3 signature of the unique identifier that is created using a private key of the application processing 

4 component. 
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1 23 . The system according to Claim 22, wherein inclusion of the unique identifiers within the 

2 combination data block allows concluding that each data stream in the collection was created by 

3 an authentic application processing component if operation of a verification process succeeds, 

4 wherein the verification process further comprises: 

5 using the public cryptographic key of the digital notary to decrypt the digitally signed 

6 hashed combination data block, yielding a new version of the hashed combination data block and 

7 a new version of the combination data block; 

8 computing a new hash over the new version of the combination data block; and 

9 determining whether the new hash is identical to the new version of the hashed 
W combination data block. 

J: 24. The system according to Claim 23, wherein successful operation of the verification 

^2 process also allows concluding that the data streams in the collection have not been altered. 

^ 25. A method of digitally notarizing a collection comprising a phirality of data streams, 

" 2 comprising steps of 

3 computing a hash value over each of the plurality of data streams, wherein each data 

4 stream is created by a different application processing component; 

5 combining each hash value with a unique identifier of the application processing 

6 component which created the data stream for which the hash value was computed, thereby 

7 creating a combination data block; 

8 hashing the combination data block; 
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digitally signing the hashed combination data block with a private cryptographic key, 
wherein the private cryptographic key and a public cryptographic key which is cryptographically 
associated therewith represent a digital notary; and 

providing the digitally signed hashed combination data block, along with the combination 
data block, as the digital notarization for the collection of data streams, wherein the digital 
notarization cryptographically seals contents of the collection of data streams, 

26. The method according to Claim 25, wherein: 

the combining step and the hashing step operate on pairs of (hash values, identifiers), one 

pair for each of the plurality of data streams; 

the digitally signing step digitally signs each of the hashed pairs; and 

the providing step provides the digitally signed hashed pairs, along with the hashed pairs, 

as the digital notarization. 

27. The method according to Claim 25, wherein: 

the step of computing a hash operates periodically, upon expiration of an elapsed time 
value, to compute a hash value over each of a plurality of segments of each data stream; 

the combining step, the hashing step, and the digitally signing step all operate on the 
periodically-computed hash values for each data stream; and 

the providing step provides the digitally signed periodically-computed hash values, along 
with the periodically-computed hash values, as the digital notarization; and 
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fiirther comprising the step of inserting an identification of a time corresponding to each of 
the periodically-computed hash values at appropriate locations within each of the data streams. 



1 28. The method according to Claim 27, wherein the inserting step uses MPEG-4 

2 synchronization timestamping. 

1 29. The method according to Claim 27, wherein integrity of each of the segments is 

2 independently verifiable, 

:^ 30. The method according to Claim 27, fijrther comprising the steps of 

1 extracting selected ones of the segments of the data streams; and 

# verifying integrity of the extracted selected ones using the public cryptographic key of the 

^ 4 digital notary. 

J. 31. The method according to Claim 27, fijrther comprising the steps of 

2 authenticating, by the digital notary, each of the application processing components; 

3 extracting selected ones of the segments of the data streams; and 

4 verifying authenticity of the extracted selected ones using the public cryptographic key of 

5 the digital notary and the digital notarization. 
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1 32. The method according to Claim 25, forther comprising the step of adding an additional 

2 data stream to the collection, wherein the additional data stream comprises the digital 

3 notarization. 

1 33 , The method according to Claim 3 1 , wherein the identifiers serve to identify data streams 

2 from each of the authenticated application processing components. 

1 34. The method according to Claim 25, fixrther comprising the step of authenticating each of 

1 the application processing components using the unique identifier thereof, along with a digital 

,"3 signature of the unique identifier that is created using a private key of the application processing 

^ component. 

JLJ 3 5 . The method according to Claim 34, wherein inclusion of the unique identifiers within the 

p combination data block allows concluding that each data stream in the collection was created by 

A an authentic application processing component if operation of a verification process succeeds, 

4 wherein the verification process fiirther comprises: 

5 using the public cryptographic key of the digital notary to decrypt the digitally signed 

6 hashed combination data block, yielding a new version of the hashed combination data block and 

7 a new version of the combination data block; 

8 computing a new hash over the new version of the combination data block; and 

9 determining whether the new hash is identical to the new version of the hashed 
1 0 combination data block. 
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1 36. The method according to Claim 35, wherein successful operation of the verijScation 

2 process also allows concluding that the data streams in the collection have not been altered. 

1 37- A digitally notarized collection of data streams, comprising: 

2 a plurality of data streams in the collection, wherein each data stream is created by a 

3 different application processing component; and 

4 a digital notarization of the collection, created by the steps of 

^ 5 computing a hash value over each of each of the plurality of data streams; 

'tp combining each hash value with a unique identifier of the appUcation processing 

1? component which created the data stream for which the hash value was computed, thereby 

.0 creating a combination data block; 
9 hashing the combination data block; 

digitally signing the hashed combination data block with a private cryptographic 

/4 key, wherein the private cryptographic key and a pubhc cryptographic key which is 

12 cryptographically associated therewith represent a digital notary; and 

13 providing the digitally signed hashed combination data block, along with the 

14 combination data block, as the digital notarization for the collection of data streams, wherein the 

15 digital notarization cryptographically seals contents of the collection of data streams. 

1 38. A method of doing business using digitally notarized data streams, comprising steps of 
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2 digitally notarizing a collection comprising a plurality of data streams, further comprising 

3 steps of: 

4 computing a hash value over each of the plurality of data streams, wherein each 

5 data stream is created by a different application processing component; 

6 combining each hash value with a unique identifier of the appUcation processing 

7 component which created the data stream for which the hash value was computed, thereby 

8 creating a combination data block; 

9 hashing the combination data block; 

10 digitally signing the hashed combination data block with a private cryptographic 

n key, wherein the private cryptographic key and a public cryptographic key which is 

|S cryptographically associated therewith represent a digital notary, and 

43 providing the digitally signed hashed combination data block, along with the 

^14 combination data block, as the digital notarization for the collection of data streams; and 

verifying authenticity of the digitally notarized collection of data streams, by a receiver of 
the digital notarization, further comprising: 

17 using the public cryptographic key of the digital notary to decrypt the digitally 

1 8 signed hashed combination data block, yielding a new version of the hashed combination data 

19 block and a new version of the combination data block; 

20 computing a new hash over the new version of the combination data block; and 

21 determining whether the new hash is identical to the new version of the hashed 

22 combination data block, and if so, concluding that the data streams in the collection have not been 

23 altered. 
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